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REMARKS 

This is a full and timely response to the non-final Office action mailed November 
29, 2005* Reexamination and reconsideration in view of the foregoing amendments and 
following remarks is respectfully solicited. 

Claims 9, 11-13, 15-17, 19, 20, and 23 are now pending in this application, with 
Claims 15 and 23 being the independent claims. Claims 9, 1 1-13, 15, 16, 19 , and 20 
have been amended, Claims 1-8, 10, 14, 18, 21, and 22 have been canceled, and Claim 23 
is newly presented herein. No new matter is believed to have been added. 

Refections Under 35 U.S.C. S 112, Second Paragraph 

Claims 1 and 8 were rejected under 35 U.S.C. § 1 12, second paragraph, as 
allegedly being indefinite. As these claims have been canceled herein, this rejection is 
believed to be rendered moot. Moreover, Applicants submit that none of the remaining 
claims include the alleged deficiency noted in the Office action. 

In view of the foregoing, reconsideration and withdrawal of the § 1 12, second 
paragraph rejection is requested. 

Rejections Under 35 U.S.C. S 103 

Claims 1, 3, 5-8, 12, 12, 13, 21, and 22 were rejected under 35 U.S.C. § 103 as 
allegedly being unpatentable over U.S. Patent No. 6,157,955 (Narad et al.V and a 
publication entitled, "Using the Accelar 710 Server Switch** (Nortel! Claims 2 and 9 
were rejected under 3 5 U.S.C. § 1 03 as allegedly being unpatentable over Narad et al» 
Nortel, and a publication entitled, 'Introduction to SSL" (Netscape! Claims 4 and 1 1 
were rejected under 35 U.S.C. § 103 as allegedly being unpatentable over Narad et al.. 
Nortel, and a publication entitled, "A Message Authentication Code based on Latin 
Squares" (Bakhtiari et alA and Claims 14-20 rejected under 35 U.S.C. § 103 as allegedly 
being unpatentable over Narad et al» Nortel a publication entitled, "An Overview of 
SSL" (Shostack ). and a publication entitled, "RFC 879 - TCP Maximum Segment Size 
and related topics" (Po). These rejections are respectfully traversed. 

As to the above-noted rejections of Claims 1-8, 10, 14, 18, 21, and 22, it is noted 
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that these claims have either been canceled or have had their dependencies changed, 
thereby mooting the rejections; As to independent Claims 15 and 23, these claims now 
recite a method implemented in an SSL proxy and an SSL proxy, respectively, that 
asynchronously decrypts SSL packets associated with a given SSL record that are sent to, 
and subsequently released from, a hold queue, while the given SSL record is still being 
received in toto. Specifically, each of these claims now recites, inter alia, that the SSL 
proxy determines if received packets are SSL packets by examining the header of each 
packet, decrypts SSL packets that are received in order, places SSL packets that are 
received out of order in a hold queue, checks the hold queue to determine if the SSL 
packets placed therein are next in order for a given record, releases SSL packets from the 
hold queue if the SSL packets in the hold queue are next in order for a given record, 
decrypts the encrypted portion of each SSL packet released from the hold queue to form 
decrypted SSL packets, checks the decrypted SSL packets to determine if all SSL packets 
expected for a given record have arrived, and outputs the decrypted packets to a server 
computer when all of the SSL packets expected for a given record have arrived 

Narad et al. discloses a general purpose packet processing platform that uses a 
policy engine to transform inbound packets to outbound packets. Based on applications 
running on a policy processor, an inbound packet can be transmitted, decrypted, classified 
or have some other action performed on it As is shown in FIG. 4 of Narad et al» » the 
packets are received from, and released to, Ethernet connections. Thus, Narad et al. 
discloses a device that operates at the local area network level 

Nortel discloses a hardware switch that can process SSL traffic. The switch is 
positioned in front of one or more servers, to intercept, process, and forward SSL 
transactions to the server in plaintext. 

As was noted in Applicants 9 previous responses, it is clear that Narad et al. 
explicitly teaches away from the combination proposed in the Office action. Specifically, 
Narad et_aL explicitly teaches that switched-based packet processing is not cost effective, 
that switch-based processors lack processing power, and that porting applications to 
switches is difficult- See col. 3, 11. 18-43. This explicit teaching of the undesirability of 
using switches for packet processing renders alleged combination wholly improper. 
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The Office attempts to refute this clear teaching away by arguing that Nortel was 
cited only for its teachings of SSL processing. This refutation, however, completely 
misses the point, and wholly vitiates the entire legal doctrine of 'teaching away," which is 
supported by much legal precedent. The entire point of the teaching away doctrine is that, 
in the context of the instant application for example, one of ordinary skill in the art would 
not have even considered using Nortel to modify Narad et ah for any reason whatsoever. 
Why? Because Narad et al. explicitly teaches that the use of switches for packet 
processing is undesirable. Thus, no ordinarily skilled artisan would have been motivated 
in the least to apply the teachings of yortel to Narad et al. 

Moreover, the motivation provided in the Office action for making the alleged 
modification is based on the efficacies of the Accelar 710 server switch itself that are 
disclosed in Nortel . In particular, Nortel explicitly states that <£ [t]he Accelar 710 Server 
Switch alleviates server resources by offloading security processing from the server.** 
Nortel at 1-1. Thus, the indication in the Office action that Nortel is being relied on only 
for its teaching of SSL processing is completely disingenuous. 

In addition to the above-noted deficiencies of the proffered rejections, Applicants 
additionally submit that neither Narad et al. nor Nortel, either alone or in combination, 
. disclose or even remotely suggest the features now recited in independent Claims 15 and 
23. Indeed, independent method Claim 1 5 now recites, albeit more clearly, the features 
that were recited in dependent Claim 1 8, and newly presented apparatus Claiixi 23 now 
recites an SSL proxy configured to implement functions that parallel these steps. Indeed, 
it was readily admitted in the Office action that this combination of references does not 
disclose this combination of features, and relied on Shostack and Po to allegedly cure this 
deficiency. However, Applicants submit that none of the cited references suggest the 
combination of features that are now recited in independent Claims 1 5 and 23 . 

Both Narad et al. and Nortel have been summarized above and neither of these 
references, either alone or in combination, provides any hint of teaching of asynchronous 
decryption of SSL packets associated with a given SSL record. As regards Shostack, this 
reference is merely a document that provides an overview of the SSL protocol, and 
provides to teaching or suggestion regarding asynchronous decryption of SSL packets 

7 



PAGE 10/12 * RCVD AT 3/27/2006 5:00:56 PM [Eastern Standard Time] * SVR:USPTO£FXRF-3/12 * DNIS:2738300 1 CSID:4803855061 4 DURATION (mm-ss):03-54 



tar. 27. 2006 2:55PM INGRASSIA FISHER A LORENZ PC No. 7356 P. 11 

AppL No. 09/877,473 

Amdt Dated March 27, 2006 

Reply to Office Action of November 29, 2005 

associated with a given SSL record. Similarly, Po is document that was provided merely 
to provide a clarification of the TCP specification as it relates to maximum segment size, 
and also provides to teaching or suggestion regarding asynchronous decryption of SSL 
packets associated with a given SSL record. 

In view of the foregoing, Applicants submit that a prima fecie case of obviousness 
has not* and cannot, be established from the teachings of Narad et aL Nortel, Shostack, 
and Po, nor any of the other citations of record, namely Netscap e and Bakhtiari et aL As 
such, reconsideration and withdrawal of the § 103 rejections is solicited* 

Finally, Applicants wish to note that the Examiner took Official Notice that it 
would have been obvious to an ordinarily skilled artisan to check a hold queue to 
determine if all packets for a given record have arrived. Although this feature is not 
explicitly recited in independent Claim 15 as it is currently presented, Applicants do wish 
to seasonably traverse this statement of what is allegedly well-known, and submits a 
demand for evidence of the same. Sws M.P.E.P. § 2144.03. 

Conclusion 

Based on the above, independent Claims 15 and 23 are patentable over the 
citations of record* The dependent claims are also deemed patentable for the reasons 
given above with respect to the independent claims and because each recite features 
which are patentable in its own right Individual consideration of the dependent claims is 
respectfully solicited. 

The other art of record is also not understood to disclose or suggest the inventive 
concept of the present invention as defined by the claims. 

Hence, Applicants submit that the present application is in condition for 
allowance. Favorable reconsideration and withdrawal of the obj ections and rejections set 
forth in the above-noted Office Action, and an early Notice of Allowance are requested. 

If the Examiner has any comments or suggestions that could place this application 
in even better form, the Examiner is requested to telephone the undersigned attorney at 
the below-listed number. 
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If for some reason Applicants have not paid a sufficient fee for this response, 
please consider this as authorization to charge Ingrassia, Fisher & Lorenz, Deposit 
Account No. 50-2091 for any fee which may be due. 



Respectfully submitted, 



Dated: 




9 



PAGE 12/12 ' RCVDAT 3(27/2006 5:00:56 PM [Eastern Standard Time] * SVR:USPTO-EFXRF-3/12 ' DN!S:2738300 1 CSID:4803855061 * DURATION (mm-ss):03-54 



